今天,这些“最佳”解决方案是什么?
这似乎是一个不错的选择:
https://defuse.ca/php-pbkdf2.htm
但是,如何升级到PHP5.5并使用它呢?
http://php.net/manual/en/function.hash-pbkdf2.php
好奇为什么PHP网站指出:
Caution
The PBKDF2 method can be used for hashing passwords for storage (it is NIST approved for that use). However, it should be noted that CRYPT_BLOWFISH is better suited for password storage and should be used instead via crypt().
对于低于5.5的PHP版本,使用defuse.ca解决方案是否公平,然后在升级到PHP5.5之后将其切换出来?
/*
* PBKDF2 key derivation function as defined by RSA's PKCS #5: https://www.ietf.org/rfc/rfc2898.txt
* $algorithm - The hash algorithm to use. Recommended: SHA256
* $password - The password.
* $salt - A salt that is unique to the password.
* $count - Iteration count. Higher is better, but slower. Recommended: At least 1000.
* $key_length - The length of the derived key in bytes.
* $raw_output - If true, the key is returned in raw binary format. Hex encoded otherwise.
* Returns: A $key_length-byte key derived from the password and salt.
*
* Test vectors can be found here: https://www.ietf.org/rfc/rfc6070.txt
*
* This implementation of PBKDF2 was originally created by https://defuse.ca
* With improvements by http://www.variations-of-shadow.com
*/
function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
{
$algorithm = strtolower($algorithm);
if(!in_array($algorithm, hash_algos(), true))
die('PBKDF2 ERROR: Invalid hash algorithm.');
if($count <= 0 || $key_length <= 0)
die('PBKDF2 ERROR: Invalid parameters.');
$hash_length = strlen(hash($algorithm, "", true));
$block_count = ceil($key_length / $hash_length);
$output = "";
for($i = 1; $i <= $block_count; $i++) {
// $i encoded as 4 bytes, big endian.
$last = $salt . pack("N", $i);
// first iteration
$last = $xorsum = hash_hmac($algorithm, $last, $password, true);
// perform the other $count - 1 iterations
for ($j = 1; $j < $count; $j++) {
$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
}
$output .= $xorsum;
}
if($raw_output)
return substr($output, 0, $key_length);
else
return bin2hex(substr($output, 0, $key_length));
}
这是defuse.ca的当前解决方案,将这个函数重命名为hash_pbkdf2()是否公平,并且在升级到PHP5.5之后过渡是否顺畅?
解决方法:
从PHP 5.5开始,PHP密码的公认最佳实践是password_hash
.它提供了一种生成安全密码哈希的单一,统一,内置,将来兼容的方式.
如果您使用的是5.3.x或更高版本的安全更新版本,则可以改用the password_compat library.
在幕后,当前版本使用一些预定义的安全选项呼叫crypt
.将来的版本可能会更改默认选项.
请确保仔细阅读crypt页面上有关CRYPT_BLOWFISH版本控制的部分,并查看password_compat页面上的版本说明.
如警告消息中清楚指出的那样,PBKDF2被NIST接受为存储密码的适当方法.您可以使用它的实现而无需特别担心,但是只有在需要支持5.3之前的PHP版本或需要支持具有损坏的CRYPT_BLOWFISH的PHP版本时,才可以使用它的实现.